OPA policy for Kubernetes memory limits
Tim Hinrichs, CTO of Styra and Co-founder of Open Policy Agent, live codes an OPA policy that enforces total memory limits on pods in Kubernetes.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Containers
OPA policy for Kubernetes label management
Tim Hinrichs, CTO of Styra and Co-founder of Open Policy Agent, live codes an OPA policy for Kubernetes admission control. The policy requires an owner label on every resource and forcibly guarantees imagePullPolicy is set to Always.
60% of Organizations Suffered a Container Security Incident in 2018, Finds Study
Many organizations have DevOps on their mind going into 2019. This is a global movement. In fact, Puppet and Splunk received responses for their 2018 State of DevOps Report from organizations on every continent except Antarctica. Those organizations varied in their industry, size and level of DevOps maturity, but they were all interested in learning how they could advance their DevOps evolution going forward.
Achieve CIS Compliance in Cloud, Container and DevOps Environments
If you are embracing DevOps, cloud and containers, you may be at risk if you’re not keeping your security methodologies up to date with these new technologies. New security techniques are required in order to keep up with current technology trends, and the Center for Internet Security (CIS) provides free cybersecurity best practices for many newer platforms.
Enforce Docker Image CIS Policy Compliance with Tripwire for DevOps
We are working hard adding features to our new Tripwire for DevOps service, initially announced at BlackHat 2018. If you are a loyal State of Security follower, last you read we added Auditing for Amazon Machine Images (aka AMIs). Today, we are introducing CIS policy compliance auditing for Docker images. Tripwire for DevOps allows you to evaluate your Docker Images to check for policy compliance at build time.
Clarifying the Misconceptions: Monitoring and Auditing for Container Security
An effective container security strategy consists of many parts. Organizations should first secure the build environment using secure code control along with build tools and controllers. Next, they should secure the contents of their containers using container validation, code analysis and security unit tests. Finally, they should develop a plan to protect their containers in production systems by focusing on runtime security, platform security and orchestration manager security.
Teleport 3.0 Demo
In this video, we demo Teleport 3.0 and its new support for acting as a privileged access management gateway for Kubernetes.
Strengthen Production Systems with Container Runtime Security
Container security is not a unitary action but a multifaceted process. It involves securing the build environment using secure code control and other strategies. The procedure also necessitates securing containers’ contents via code analysis and unit tests.
Privileged Access Management Best Practices Using SSH and Teleport
Gravitational CTO, Sasha Klizhentas, goes through the best practices for setting up privileged access management when using SSH to access cloud-native server infrastructure. He also describes how these concepts are applied to Teleport - privileged access management for elastic infrastructure that doesn't get in the way.
Got Container Security? Make Sure to Secure Code and Supplemental Components
Organizations face numerous primary threats and security concerns when it comes to their container environments. Those issues extend into their build environment, an area which organizations need to protect because it’s usually the least secure aspect of their container infrastructure. They also extend into other areas, including inside the containers themselves.